ronrsr wrote: > querystring = "update zingers set keywords = '%s', citation = > '%s', quotation = %s' where zid = %d" % > (keywords,citation,quotation,zid)
that's not a good way to pass strings to the database. for the right way to do this, see: http://effbot.org/pyfaq/how-do-i-escape-sql-values-when-using-the-db-api </F> -- http://mail.python.org/mailman/listinfo/python-list
